package com.nationart.backend.controller;


import java.util.Date;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang.ArrayUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.baomidou.mybatisplus.plugins.Page;
import com.nationart.backend.common.annotation.Log;
import com.nationart.backend.entity.SysUser;
import com.nationart.backend.service.SysUserRoleService;
import com.nationart.backend.service.SysUserService;
import com.nationart.backend.util.PageVariable;
import com.nationart.backend.util.Response;
import com.nationart.backend.util.ShiroUtils;
import com.nationart.backend.util.ValidatorUtils;


/**
 * <p>
 * 系统用户 前端控制器
 * </p>
 *
 * @author Administrator
 * @since 2018-11-08
 */
@RequestMapping("/sys/user")
@Controller
public class SysUserController extends BaseController{
	
	private Logger log = LoggerFactory.getLogger(SysUserController.class);
	
	@Autowired
	private SysUserService sysUserService;
	@Autowired
	private SysUserRoleService sysUserRoleService;
	
	/**
	 * 所有用户列表
	 */
	@RequestMapping("/list")
	@ResponseBody
	@RequiresPermissions("sys:user:list")
	public Response list(@RequestParam Map<String, Object> params){
		//查询列表数据
		PageVariable variable = new PageVariable(params);
		Page<SysUser> pageUtil = new Page<SysUser>(variable.getPage(), variable.getLimit());
		Page<SysUser> page = sysUserService.queryPageList(pageUtil,variable);
		return Response.ok().put("page", page);
	}
	
	/**
	 * 获取登录的用户信息
	 */
	@RequestMapping("/info")
	@ResponseBody
	public Response info(){
		return Response.ok().put("user", getUser());
	}
	
	/**
	 * 修改登录用户密码
	 */
	@Log("修改密码")
	@ResponseBody
	@RequestMapping("/password")
	public Response password(String password, String newPassword){
		ValidatorUtils.isBlank(newPassword, "新密码不为能空");

		//sha256加密
		password = new Sha256Hash(password, getUser().getSalt()).toHex();
		//sha256加密
		newPassword = new Sha256Hash(newPassword, getUser().getSalt()).toHex();
		
		SysUser user = new SysUser();
		user.setUserId(getUserId());
		user.setPassword(newPassword);
		//更新密码
		boolean bFlag = sysUserService.updateById(user);
		if(!bFlag){
			return Response.error("原密码不正确");
		}
		
		return Response.ok();
	}
	
	/**
	 * 用户信息
	 */
	@RequestMapping("/info/{userId}")
	@ResponseBody
	@RequiresPermissions("sys:user:info")
	public Response info(@PathVariable("userId") Long userId){
		SysUser user = sysUserService.selectById(userId);
		
		//获取用户所属的角色列表
		List<Long> roleIdList = sysUserRoleService.queryRoleIdList(userId);
		user.setRoleIdList(roleIdList);
		
		return Response.ok().put("user", user);
	}
	
	/**
	 * 保存用户
	 */
	@Log("保存用户")
	@RequestMapping("/save")
	@ResponseBody
	@RequiresPermissions("sys:user:save")
	public Response save(@RequestBody SysUser user){
		ValidatorUtils.validateEntity(user);
		
		user.setCreateTime(new Date());
		user.setCreateUserId(getUserId());
		sysUserService.save(user);
		
		return Response.ok();
	}
	
	/**
	 * 修改用户
	 */
	@Log("修改用户")
	@RequestMapping("/update")
	@RequiresPermissions("sys:user:update")
	@ResponseBody
	public Response update(@RequestBody SysUser user){
		ValidatorUtils.validateEntity(user);
		
		user.setCreateUserId(getUserId());
		sysUserService.update(user);
		
		return Response.ok();
	}
	
	/**
	 * 删除用户
	 */
	@Log("删除用户")
	@RequestMapping("/delete")
	@RequiresPermissions("sys:user:delete")
	@ResponseBody
	public Response delete(@RequestBody Long[] userIds){
		if(ArrayUtils.contains(userIds, 1L)){
			return Response.error("系统管理员不能删除");
		}
		
		if(ArrayUtils.contains(userIds, getUserId())){
			return Response.error("当前用户不能删除");
		}
		
		sysUserService.deleteBatch(userIds);
		
		return Response.ok();
	}
}
